-
Notifications
You must be signed in to change notification settings - Fork 17
/
Copy pathdependabot.yml
30 lines (29 loc) · 1.08 KB
/
dependabot.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
# See: https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#about-the-dependabotyml-file
version: 2
updates:
# Configure check for outdated GitHub Actions actions in workflows.
# See: https://docs.github.com/en/code-security/supply-chain-security/keeping-your-actions-up-to-date-with-dependabot
- package-ecosystem: github-actions
directory: / # Check the repository's workflows under /.github/workflows/
schedule:
interval: daily
labels:
- "topic: infrastructure"
- package-ecosystem: npm
directory: /
schedule:
interval: daily
labels:
- "topic: infrastructure"
ignore:
- dependency-name: "@types/node"
# @types/node should be kept in sync with the major version of Node.js that is in use.
# So we only want automated updates for minor and patch releases of this dependency.
update-types:
- "version-update:semver-major"
- package-ecosystem: pip
directory: /
schedule:
interval: daily
labels:
- "topic: infrastructure"